iPhone Kill Switch: How Effective Is It?

A new report shows that the iPhone kill switch may not be as effective as first thought. What does this mean for other smartphone kill switches?

7 Mobile Power Technologies To Watch

(Click image for larger view and slideshow.)

My iPhone 6 Plus was picked from my pocket in Barcelona in March as I walked home from dinner one evening. After speaking to local police for a few moments, I ran back to my hotel to locate the phone through Apple's Find My iPhone tool. Too late. The thieves had already turned it off.

I always protect my phones, tablets, and computers with a password, so I was not worried about the thieves cracking into my handset and rooting through my personal information. Similarly, I backed the device up regularly, so there was nothing vital on the phone that I didn't have stored elsewhere.

Last, I took advantage of the remote erase and lock functions so when the thieves turned the phone back on the first thing it would do was delete all my data and then turn into a useless brick.

Bricked phones can't be re-used. So my stolen iPhone 6 Plus was effectively a paperweight to the person who took it. Not many people care to pay cash for a paperweight. The idea behind the activation lock is to make iPhones inoperable so thieves can't profit from selling them. If they can't sell a bricked phone, there's no reason to steal it in the first place.

When put in place, an iPhone or iPad cannot be reactivated on a different account without the original owner's Apple ID and password. Initial results hailed the activation lock as a massive deterrent to thieves. The impact was a near-immediate drop in iPhone thefts in large cities, such as New York and San Francisco.

Months later, the results showed some promise. In San Francisco, for example, iPhone robberies were down 38%. But they were down only 17% in Austin (includes lost phones, too), and down 11% in Oakland. In Seattle, however, iPhone thefts actually increased 32% in the six months after the kill switch was put in place.

Consumer Reports suggests there has been improvement. In 2013, for example, there were 3.1 million reported smartphone thefts. In 2014, that number dropped by one-third to 2.1 million. That's certainly progress.

Why isn't the kill switch having a bigger impact? To start, the kill switch is not on by default, especially on older devices. Owners have to take the time to set it up. Thieves know this, and have decided it's worth the risk to see if the kill switch is indeed present.

"Will [smartphone theft] go away 100%? Probably not," George Gascónn, San Francisco District Attorney, told the Journal. "What it is doing is reducing it so substantially that it's not the epidemic that we saw."

Beginning this month, the vast majority of handsets sold in the US will include a kill switch, including those smartphones running Google's Android operating system. Moreover, the FCC wants carriers to turn on Activation Lock features on all phones by default.

"If implemented, these features will result in more consumers using these powerful features, which, in turn, will mark a key milestone in combating smartphone theft," said FCC Chairman Tom Wheeler.

The smartphone kill switch is having at least some impact. Even so, businesses should mandate all employee devices be protected by passcodes and, moreover, make sure the kill switch features are properly set up.

Eric is a freelance writer for InformationWeek specializing in mobile technologies. View Full Bio

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.

Given the dearth of users who are either unwilling or unable to lock their phones, the only way I can visualize the kill-switch being in the 90% effective percentile is if the new models being manufactured have it enabled by default.

It is very scary phones should be treated just like laptops were before they can provide employees with access to proprietary information and usage and access should always be monitored. Not having the ability to remotely access a phone is a critical security error for companies.

@SachinEE - wow that's terrible! And scary - something I haven't really considered as a possibility personally, but you just never know these days.
How do companies that don't use Exchange administrate mobile devices? I can't imagine not having a way to do a administrative wipe of, at the very least, the company's information, ie, email - not the entire phone's contents because the line is blurred between work and personal and they are often on the same device. But what if you have a disgruntled employee running around with company info on their phone. Let's say one day they just stop coming to work (happened here recently) - someone in the firm needs the ability to cut them off - forget about it being stolen - there's nothing worse for company data than an irrate former employee.

@vnewman: yes. After my phone was stolen all higher employees had to digitally sign their phones in case they are lost so that the company data can be erased. The second case of my phone being stolen was deliberately planned through a series of people. It were corporate stealing. Ironically my phone was returned to me after all the company data was copied from it. However when I ran a full diagnostics I came across software installed in the phone that records keystrokes and whenever on WiFi sync's data to a remote server. Terrible example of corporate stealing.

I agree. The killswitch is necessary. I've had two phones already pickpocketed on my way to office and that had my presentation in it. Terrible day explaining to the boss. Anyway I believe that Synching is necessary whenever the phone is hooked to a WiFi banding. The killswitch should be present on every phone in my opinion.

A lot of the antivirus software for mobile apps now has a Killswitch option where you can wipe your phone clean if it's stolen or lost. The one I used recently I love me to login on the website and wipe the phone if needed . This sounds like a good option for enterprises whose employees use smart phones for business . Enabling a remote administrator to wipe the phone clean offers maximum protection .

I feel like if you are using your iPhone as a business phone, your company should be using a more sophisticated means of remotely disabiling your device than just the built-in kill switch. My firm uses certificate-based authentication for Exchange 2010 and although I understand some small businesses obviously do not have Exchange servers, it seems really risky to me not to have an enterprise-managed security feature on any device that can leave the firm.